Reputation: 1735
FitBit subscription API: where is the association made between user and app
I reviewed the following documentation: FitBit Subscription API
Let's say I go through the fitbit setup and create a subscription for my app. Next, someone joins my website using the oauth 2.0 login for fitbit and agrees to provide access to activities and heart rate. When the person uses the fitbit api and their metrics are added to the fitbit system. How does the system know that my app's subscription api should get this person's metrics? Are there any extra steps that are needed for this to occur or is it driven by the user approving my app to receive this information?
Upvotes: 1
Views: 251
Answers (1)
Reputation: 1015
In the OAuth 2.0 authorization process, the user logs into Fitbit with their Fitbit user details, so the grant code and/or access token returned to your app will be associated with that Fitbit user account.
As explained under Making Requests in Fitbit's OAuth 2.0 documentation, your app must include the access token with each request it makes to the Fitbit API. The way to look at this is that your app will be making requests to the Fitbit API on behalf of a particular Fitbit user.
To make Fitbit call your service endpoint when there are updates for a particular user, your app must call the Fitbit API as described in Adding a Subscription. This request, like any other Fitbit API request, will include an access token, so Fitbit will know which Fitbit user the subscription is for.
Upvotes: 1
Related Questions
- Can't get Google Fit OAuth 2.0 linked to WearOS App
- What is the usage of OAuth 2.0 client id from Google Fit on Android
- get authorization from Fitbit using Oauth in iOS
- Unauthorized_client in fitbit
- Fitbit and OAuth 2.0
- Fitbit Authorization with OAuth.io
- Error in oAuth.io for Fitbit authentication
- OAuth flow for Android Wear apps
- Oauth.io Fitbit request not working after relaunching app
- FitBit - Authenticate on behalf of user